quickjs icon indicating copy to clipboard operation
quickjs copied to clipboard
Published 1 month ago verified publisher icon bellard

quickjs.c:1997: void JS_FreeRuntime(JSRuntime *): Assertion `list_empty(&rt->gc_obj_list)' failed.

Open Qbtly opened this issue 1 year ago • 0 comments

Version

3b45d155c77bbdfe9177b1e03db830d2aff0b2a8

Build platform

Ubuntu 22.04.3

Build steps
make qjs
Test case
function* v0(v1,v2,v3) {
   return new Date(16, Math);
}
const v49 = v0();
const v20 = Array.from(v49);
Execution steps
./qjs poc.js
Output
qjs: quickjs.c:1997: void JS_FreeRuntime(JSRuntime *): Assertion `list_empty(&rt->gc_obj_list)' failed.

Program received signal SIGABRT, Aborted.
__pthread_kill_implementation (no_tid=0, signo=6, threadid=140737350612864) at ./nptl/pthread_kill.c:44
44	./nptl/pthread_kill.c: No such file or directory.

pwndbg> bt
#0  __pthread_kill_implementation (no_tid=0, signo=6, threadid=140737350612864) at ./nptl/pthread_kill.c:44
#1  __pthread_kill_internal (signo=6, threadid=140737350612864) at ./nptl/pthread_kill.c:78
#2  __GI___pthread_kill (threadid=140737350612864, signo=signo@entry=6) at ./nptl/pthread_kill.c:89
#3  0x00007ffff7ce8476 in __GI_raise (sig=sig@entry=6) at ../sysdeps/posix/raise.c:26
#4  0x00007ffff7cce7f3 in __GI_abort () at ./stdlib/abort.c:79
#5  0x00007ffff7cce71b in __assert_fail_base (fmt=0x7ffff7e83150 "%s%s%s:%u: %s%sAssertion `%s' failed.\n%n", assertion=0x5555556f4f30 "list_empty(&rt->gc_obj_list)", file=0x5555556f4f4d "quickjs.c", line=1997, function=<optimized out>) at ./assert/assert.c:92
#6  0x00007ffff7cdfe96 in __GI___assert_fail (assertion=0x5555556f4f30 "list_empty(&rt->gc_obj_list)", file=0x5555556f4f4d "quickjs.c", line=1997, function=0x5555556f4f57 "void JS_FreeRuntime(JSRuntime *)") at ./assert/assert.c:101
#7  0x000055555556bedc in JS_FreeRuntime (rt=rt@entry=0x5555559502a0) at quickjs.c:1997
#8  0x00005555555688ef in main (argc=argc@entry=2, argv=argv@entry=0x7fffffffe638) at qjs.c:532
#9  0x00007ffff7ccfd90 in __libc_start_call_main (main=main@entry=0x5555555679a0 <main>, argc=argc@entry=2, argv=argv@entry=0x7fffffffe638) at ../sysdeps/nptl/libc_start_call_main.h:58
#10 0x00007ffff7ccfe40 in __libc_start_main_impl (main=0x5555555679a0 <main>, argc=2, argv=0x7fffffffe638, init=<optimized out>, fini=<optimized out>, rtld_fini=<optimized out>, stack_end=0x7fffffffe628) at ../csu/libc-start.c:392
#11 0x00005555555678b5 in _start ()

Qbtly avatar Apr 07 '24 12:04 Qbtly